[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

WO2015056236A1 - A method of generating key arrays of random numbers and encryption - Google Patents

A method of generating key arrays of random numbers and encryption Download PDF

Info

Publication number
WO2015056236A1
WO2015056236A1 PCT/IB2014/065409 IB2014065409W WO2015056236A1 WO 2015056236 A1 WO2015056236 A1 WO 2015056236A1 IB 2014065409 W IB2014065409 W IB 2014065409W WO 2015056236 A1 WO2015056236 A1 WO 2015056236A1
Authority
WO
WIPO (PCT)
Prior art keywords
array
random number
master
data
key
Prior art date
Application number
PCT/IB2014/065409
Other languages
French (fr)
Inventor
Andre Keith Joubert
Original Assignee
Andre Keith Joubert
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Andre Keith Joubert filed Critical Andre Keith Joubert
Publication of WO2015056236A1 publication Critical patent/WO2015056236A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H04L9/0662Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography

Definitions

  • the invention relates to a method of generating multiple key arrays of random numbers for cryptographic and statistical purposes; and, more specifically, to a method of encryption and associated decryption of data using such key arrays.
  • Vernam-Mauborgne Cipher 1 (or One Time Pad [OTP]) provides perfect secrecy, proven mathematically by Shannon 2 . This quality of the cipher depends on a secret key being truly random, unpredictable, as long as the plaintext, and used only once.
  • the cipher has the further advantage that actual encryption of a plaintext to a ciphertext is simple and fast.
  • a drawback of this cipher is the fact that the amount of key material required is as large as the plaintext being encrypted. If the cipher is used to encrypt data for storage, secret key storage equal to the plaintext length is required, doubling
  • this cipher requires truly random data for its key. Thus, a deterministic process cannot be used, for it must not be possible to determine any other value from one or more observed values.
  • a source of natural randomness, free of cyclical variation is required, as provided by sources obeying quantum physics. Some examples providing excellent sources of such randomness utilise timing of intervals between the emission of nuclear decay particles from a radioactive source, or those between the emission of photons from a light source, or counting the number of photons passing through and being reflected by a semi-reflective mirror.
  • a further drawback of this cipher is that, if it is employed to secretly communicate between two or more parties, the secure transport of a unique set of replenishment key data for each ciphertext becomes an additional problem.
  • a traditional replenishment method uses trusted couriers. However, this does not provide certainty that an adversary has not acquired the data.
  • QKD Quantum Key Distribution
  • a modern alternative replenishment method is Quantum Key Distribution [QKD] 3 , which utilizes the Heisenberg uncertainty principle of quantum physics to enable detection of any attempt by an adversary to read the data in the quantum channel (optical fibre or free space/air, etc).
  • QKD can thus ensure the key is secret.
  • the verification process requires numerous between- party communications, and discarding of portions of the key stream, reducing the net rate of ciphertext generation.
  • only a small fraction of the channel's capacity can be used for OTP-encrypted traffic, which fraction reduces rapidly with increase in path-length.
  • a 45km channel has been able to provide 1 Mb/s, sufficient for the transmission of video.
  • 1 Mb/s is -0.01 % of a typical 10 Gb/s optical fibre channel. It is for this reason that block ciphers are used to achieve better utilization of expensive
  • a method of encryption comprising: a. providing a master random number array; b. selecting a plurality of predetermined unique indices to serve as offsets within the master random number array; c. recording as referencing data the details of each offset; d. using an offset in the master random number array that is unique to a plaintext data set to be encrypted; e. extracting first random number data from the offset within the master random number array, which random number data corresponds in length to a state-space of a Pseudo-Random Number Generator [PRNG], to provide a seed; f. using the seed to fill the state-space of the PRNG that generates uniform random numbers; g.
  • PRNG Pseudo-Random Number Generator
  • the invention further provides for a method as defined, in which the steps d. to i. are repeated for each plaintext data set to be encrypted.
  • a further feature of the invention provides for a method as defined, in which decryption of the ciphertext comprises: a. using the referencing data to identify the master random number array and offset relevant to the encrypted plaintext data set; b. repeating the steps taken during encryption, substituting the ciphertext length for the plaintext length, to recreate the original encryption key; and c. using the encryption key to decrypt the ciphertext.
  • the master random number array is used as a circular, continuous array starting from the offset unique to the plaintext data set to be encrypted; and in which the master random number array is a truly random number [TRN] array (produced by a truly random number generator [TRNG]).
  • a further feature of the invention provides for a method as defined, in which the PRNG has a repeat period greater than the length of the plaintext data set to be encrypted.
  • shuffle algorithm is a Durstenfeld-Fisher- Yates shuffle [DFYS] algorithm; and in which the key array of random number data is used with a Vernam-Mauborgne (One-time Pad) [OTP] cipher to encrypt the plain text data set.
  • a further feature of the invention provides for a method as defined, which is used to encrypt a newly-generated master random number array and referencing data and transmit the newly-generated master random number array and referencing data as ciphertext between parties each in possession of the existing master random number array and referencing data used to produce the ciphertext.
  • a method of generating multiple key arrays of random numbers comprising: a. providing a master random number array; b. selecting a plurality of predetermined unique indices to serve as offsets within the master random number array; c. recording as referencing data the details of each offset; d. selecting an offset in the master random number array; e. extracting first random number data from the selected offset within the master random number array, which first random number data corresponds in length to a state-space of a Pseudo-Random Number Generator [PRNG], to provide a seed; f. using the seed to fill the state-space of a PRNG that generates uniform random numbers; g.
  • PRNG Pseudo-Random Number Generator
  • the invention further provides for a method as defined, wherein the master random number array is used as a circular, continuous array starting from the offset.
  • a further feature of the invention provides for a method as defined, in which the master random number array is a truly random number [TRN] array (produced by a truly random number generator [TRNG]).
  • a further feature of the invention provides for a method as defined, in which the PRNG has a repeat period greater than a length of the key array of random numbers required.
  • Truly random number/s [TRN] Members of a set of such numbers generated by a non-deterministic process, each within a given range of values, of which none can be predicted after observing one or more, or a series thereof, whether isolated or contiguous, and indicated to be random by suitable statistic tests.
  • Statistic tests Given a large set of many random numbers (bytes), they should be unpredictable, substantially uncorrelated, uniformly distributed, and have few long repeat runs. The set should be tested for incompressibility, correlation, entropy, and distribution, at least.
  • Truly random number generator A non deterministic means of generating a sequence of truly random numbers/bytes with substantially equal counts of all values in its output, when considering a large output array.
  • Array A list, array, table, file, or the like, wherein reference can be made to each contained data item by an index. It can loosely include a string of characters, indexed by their positions in the string. Large (when applied to random number arrays): Of such size the criteria being considered are satisfied thereby.
  • Index/indices Reference's in an array, enabling individual data items to be inserted, accessed, replaced, modified, and/or removed.
  • Offset A selected starting index in an array.
  • Circular array An array of n elements, having indices (j) from (0 to n-1 ), addressed by external indices (k) with the same limits, starting from a selected starting point index (the offset), and traversed in the direction of increasing indices up to its end, whereupon the traverse loops to the array's beginning and continues up to the index before the offset.
  • a circular array is typically produced by using a linked list or a simple array, i.e., an array comprising one value for each index.
  • this algorithm excludes multiple traversals that will be required if the external indices exceed n-1 .
  • Seed Initializing data supplied to initialize a pseudorandom number generator so as to enable it to begin generating random numbers of the required quality.
  • PRNG Pseudorandom number generator
  • Preferred pseudorandom number generator A fast pseudorandom number generator producing uniformly distributed numbers, as well as having a very long repeat period, greater than that of the data set for which it is required e.g. the dSFMT 2,2 2012 Mersenne-Twister 4 , or better. This has repeat periods of 2 521 -1 to 2 216091 -1 values (2 19937 -1 is common). For very fast generation, a Graphic Process Unit [GPU] or Field Programmable Gate Arrays [FPGA] implementation is appropriate.
  • GPU Graphic Process Unit
  • FPGA Field Programmable Gate Arrays
  • Plaintext An array or string of data, words, figures, bits or bytes, which forms the subject matter of an operation, e.g., data (image, text, program file, etc) storage, message transfer, random sampling, etc., optionally containing hash values used for verification and authentication.
  • Durstenfeld-Fisher-Yates shuffle 5 [DFYS] algorithm An algorithm which, provided the random numbers used to index it are uniformly distributed and unbiased, ensures that the resulting permutation is random and unbiased.
  • Key or key text An array of truly random numbers/bytes used to encrypt a plaintext/decrypt a ciphertext.
  • Ciphertext An array or string produced by a cipher algorithm that encodes a plaintext using a key, rendering the plaintext in an unreadable form without the proper cipher and key to decrypt it.
  • QKD Quantum Key Distribution
  • TRN true Random Binary data
  • ASCII code American Standard Code for Information Interchange
  • large a set of TRN may be, it contains a maximum of 256 different byte-values.
  • the TRN are by definition substantially uniformly random, and therefore the set contains substantially equal counts of each byte-value.
  • the order in which the individual bytes are generated is truly random. In the course of time, the generator delivers an array of TRN.
  • any large set of TRN although possessing good statistics, will not have exactly equal numbers of each byte-value, by the very nature of randomness.
  • large subsets are randomly taken from this large set of TRN, differing statistics of the shuffled subsets are obtained, because the byte-counts will differ between subsets.
  • all subsets will have acceptable variations and be TRN. If each subset's PPRNG seed is extracted from a unique offset, the shuffled subset will be unique.
  • the quality of the shuffled TRN set is dependent on that of the original set, the quality of the indexing PPRNG, the shuffle algorithm used, and the PPRNG seed.
  • the seeds should comprise TRN subsets and be unique to each shuffling operation.
  • the key storage requirement if keys need to be stored, is reduced from one whole key per encryption, to a single TRN array and a small amount of key shuffling data that will enable recreation of a particular key. This solves the OTP key storage problem.
  • Figure 1 which shows a schematic layout of the method of the invention as it is used to achieve secrecy of data during storage and/or transmission.
  • An array hereinafter termed the Master array, of non-deterministically generated truly random numbers is considered as a circular array, starting from an offset unique to each data set to be encrypted, and a unique set of truly random numbers sufficient to fill the state-space of a preferred pseudo-random generator extracted.
  • a copy array of the following truly random numbers, of length equal to the data set in question, is then extracted.
  • This copy is shuffled in an unbiased manner, indexed by the uniformly-distributed numbers generated by the preferred pseudo-random generator.
  • This array is used as a Vernam-Mauborgne encryption key.
  • Encryption key management is greatly simplified, as many encryptions can be executed using the original Master array of truly random numbers
  • each stored truly random number array generated by an often relatively slow-paced quantum process can provide unique encryption keys for each of many sets of data, eliminating the key storage problem normally associated with the Vernam- Mauborgne cipher.
  • An ID file or array containing the unique offsets associated with each plain/ciphertext is maintained. This enables the correct unique encryption/decryption key to be generated. Each entry is securely deleted when no longer required.
  • One typical application using the above simple method would be data archiving, where a single user encrypts and decrypts the data.
  • the ID file record concerning a particular plaintext/ciphertext is securely deleted when decryption is no longer required.
  • the method may be modified to include Master array file shuffling between each encryption/decryption, dedicated Master/ID file ranges per user, and erasing of the particular offsets.
  • a new set of truly random number data can be sent encrypted under a key from the existing Master array, as a message or group of messages, i.e., without secret physical transfer or quantum key distribution. From this set of truly random number data, new Master and associated ID array/s can be generated. This overcomes the seed resupply problem normally experienced with the Vernam- Mauborgne cipher, and enables almost full channel capacity to be used for transmission of perfectly secret data.
  • Example 1 an example of the application of the method when employed by one party to achieve perfect secrecy of data during transmission and local or remote storage, via the internet or dedicated means, is described. See Example 1 , below.
  • Example 1 Achieving secrecy of data during transmission and/or storage
  • the method comprises the following steps:
  • the length should be chosen while bearing in mind the size of plaintexts likely to be encountered, and the minimum statistical test-size required. It could typically have a length of 10 MB to 10 GB with one byte in the range [0..255] at each index in the Master array. For the purpose of this document, as an example, a Master array length of 20 MB is chosen, which is considered to be larger than 90% of the files normally processed by an average user.)
  • ID array Create an ID array 30 with column labels Input Name 32, Offset 33, Output Name 34.
  • Offset 33 column with unique random indices into the Master array 20 substantially evenly spaced throughout its length.
  • the number of files to be encrypted using this Master array could be, say, 200 000.
  • the offsets could then be at approximately 100 byte intervals, within say 10 %.
  • the offsets should be shuffled before being inserted in the ID array.
  • the Master array 20 might be used to supply data to encrypt 200 000 Plaintexts, for example. There might be 100 ID arrays of 2000 rows used in conjunction with that Master array, to facilitate sorting/searching.)
  • a cryptographic hash algorithm 6 e.g., MD5
  • Seed Create Seed 80 by sequentially extracting truly random numbers from the Master array 20, considering it as a circular array starting from the Offset 60 determined by the ID array's offset in column 33.
  • Cryptographic Hash algorithm a general overview is provided here: http://en.wikipedia.or /wiki/Crvptoqraphic hash function.
  • the fact that the cryptographic hash is encrypted with the plaintext renders it secret. Thus, an adversary cannot attack it. Therefore, even if the hash is considered to be vulnerable when visible in the clear, e.g., the MD5 hash, it is adequate for the required duty.
  • the number of truly random numbers that will form the Seed 80 depends upon the chosen pseudo-random generator (PRNG). If the PPRNG 90 (a Mersenne-Twister, in this case) is selected, as indicated in example of Figure 1 , the state-space requires 624 x 32-bit integers to fill it, or 2496 Bytes.
  • PRNG pseudo-random generator
  • Offset 70 is that index immediately after the index used to extract the final truly random number extracted for the Seed 80 from the Master array 20. Offset 70 now serves as the zero index of the Master array 20, configured as a circular array.
  • Master Array Copy Starting at the Offset 70, create Master array copy 130 of the Masterarray 20 equal to the Plaintext-with-Hash 160 of Length 190, by reading sequential bytes from Master array 20, considered as a circular array, until the required array length is reached.
  • the Length 190 exceeds, say, three times the Master array 20 length, then split the Plaintext into two or more portions and treat them as separate Plaintexts with appropriately annotated Input Names 32 so that, on decryption, they can be correctly concatenated into the original Plaintext.
  • the steps from 'Usage', above, must be carried out for each portion.
  • Encryption Key With the Durstenfeld-Fisher- Yates shuffle algorithm 140, indexed by the random numbers issued by the PPRNG 90, shuffle the Master array copy 130 (preferably in-place) to create the Encryption key 150.
  • Encryption XOR 170 each byte of the Plaintext-with-Hash 160 with the corresponding byte of the Encryption key 150 to create the Ciphertext 180. If volatile memory was not used for the Master array copy 130 and if the Encryption key 150 was not created by shuffling the Master array copy 130 in place, then securely delete it/them.
  • Storage Store the Ciphertext 180 using its Output Name 34 as the file name, either locally or at one or more remote location/s.
  • Verify Integrity & Authenticity Remove the hash from the Plaintext- with-Hash 160, compute the hash of the remaining Plaintext using the original hash algorithm, and compare with the decrypted hash. If the hashes differ, the ciphertext contains errors or has been corrupted, and retrieval from another storage location should be tried.
  • Each Plaintext is encrypted with a unique truly random key.
  • Ciphertext A passive attacker viewing the Ciphertext cannot learn anything more about the Plaintext than he knew prior to viewing the Ciphertext.
  • Example 2 Method of achieving secrecy of data message transmission between two or more parties
  • Example 1 The method in Example 1 , above, can be adapted to provide perfect secrecy of data message transmission between two, or more, parties, by providing duplicate Master and ID files to each party, and allocating unique ranges of ID data to each.
  • This system is simple and fast. It provides perfect secrecy provided each party preserves the secrecy of the Master and ID arrays.
  • the communication topology is likely to have a mesh structure, i.e., any party can communicate with any other party.
  • the method comprises the following steps.
  • Master array/s As per Example 1 Master Array. As many unique Masters as there are parties are required. Each party has all Masters and their associated ID arrays m his possession. Each party has a unique Master allocated for him to encrypt data. He uses the sender's Master to decrypt that sender's data.
  • ID array As per Example 1 ID Array, except that no Input Name 32 is used, there being only the two columns 33 and 34. Each Master has its own ID array.
  • the party generating the Truly Random Numbers and creating the Masters and ID arrays transfers copies of the Master and ID arrays to all parties in a secure physical manner, maintaining data secrecy.
  • Each party uses his allocated Master and its ID array to encrypt all data messages he sends, and the sender's allocated Master and its ID array to decrypt a received data message.
  • the ciphertext contains errors or has been corrupted or attacked, and the sender should be notified.
  • a data message should be sent to all parties, by each party, so that all parties' Masters are updated to the same state.
  • the shuffling of the Master array prevents an attacker from determining any previously used keys, should he gain possession of the Master and ID array files.
  • the periodical sending of a data message from each party to all other parties and the resultant up to date state of the Masters ensures that no previous message, between any parties, can be decrypted by an attacker in possession of one or more party's/parties' Masters and ID arrays.
  • Replacement truly random number data sets may be securely transferred by sending them as messages secured with the existing Master/s and ID array/s. From these data sets, new sets of Master/s and ID arrays can be generated by each party.
  • QKD can be used to deliver this data from the party having the TRNG or PTRNG to the other. This would be a one-time requirement, on initial channel setup.
  • QKD will only be required to transfer one initial set of TRN data, it is feasible to use QKD over a long path-length.
  • Published figures for QKD over a 250km optical fibre channel indicate ⁇ 2b/s, or ⁇ 7kB/h, is possible. For that path-length, the time taken to transfer the required initial data might run to a day or more.
  • a large TRN array can be generated by concatenating, say, 100kB sets, and then shuffling.
  • the resultant key can then be used to transfer a TRNG key and then discarded. Thereafter, QKD is not required further, and high channel data-rate is enabled. Normal periodic TRN key replenishment is then effected as described in Example 2.
  • Non-encryption applications of certain steps of the method For certain applications, e.g., statistical analysis, random sampling, etc., large amounts of truly random data are preferred.
  • the method described above in Example 2 for transmission between two or more parties can be applied, with omission of the encryption/decryption steps.
  • the ID array 30 will omit the Output Name 34 column.
  • the Encryption key 150 forms the required data set.
  • the recipients can duplicate any set of data by using the Input Name 32 and retrieving the Offset 33.
  • the invention accordingly provides a method of achieving Shannon's perfect secrecy of data transmission and storage.
  • the method incorporates authenticity and integrity verification. It eliminates the main problems, i.e., the key length resulting in twice the data storage requirement, and key replenishment requiring secure physical transfer.
  • the method provides perfect secrecy of data during communication between two or more parties, e.g., using a mesh topology. Replenishment of key material is effected without the necessity of secure physical delivery.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a method of encryption, using an initial, large, secret Truly Random Number [TRN] array, produced by a non-deterministic method, preferably quantum physical, and of length greater than the longest plaintext, together with some referencing data, recording predetermined random offsets in the TRN array. Many TRN keys are created by (a), using an offset in the TRN array that is unique to each plaintext; (b), extracting TRN data from that offset to fill the state-space of a Pseudo-Random Number Generator [PRNG] that generates uniform random numbers; and (c), using PRNG output to provide the indices for a Durstenfeld-Fisher-Yates shuffle [DFYS] (or equivalent) algorithm to re-order a subset copy of the TRN of length equal to that of the plaintext. The resultant key array comprises TRN data and is indistinguishable from that produced by a TRN generator and can be used with a Vernam-Mauborgne (One-time Pad) [OTP] cipher for encryption. No PRNG data is exposed to ciphertext attack, nor used in the key. These steps can be repeated numerous times, producing new, unique TRN key arrays, overcoming the key storage drawback. When desired, a newly-generated TRN array and referencing data can be encrypted with the existing key and transmitted between parties.

Description

A METHOD OF GENERATING KEY ARRAYS OF
RANDOM NUMBERS AND ENCRYPTION
FIELD OF THE INVENTION
The invention relates to a method of generating multiple key arrays of random numbers for cryptographic and statistical purposes; and, more specifically, to a method of encryption and associated decryption of data using such key arrays.
BACKGROUND TO THE INVENTION
The well-known Vernam-Mauborgne Cipher1 (or One Time Pad [OTP]) provides perfect secrecy, proven mathematically by Shannon2. This quality of the cipher depends on a secret key being truly random, unpredictable, as long as the plaintext, and used only once.
In addition to being information-theoretically secure, the cipher has the further advantage that actual encryption of a plaintext to a ciphertext is simple and fast.
A drawback of this cipher is the fact that the amount of key material required is as large as the plaintext being encrypted. If the cipher is used to encrypt data for storage, secret key storage equal to the plaintext length is required, doubling
1 Vernam patent 1919: US 1310719, later improved in conjunction with Mauborgne.
2 Communication Theory of Secrecy Systems by CE Shannon, from confidential report "A Mathematical Theory of Cryptography" dated 1 Sept 1946, since declassified. This is available as a pdf file at http://netlab.cs.ucla.edu/wiki/files/shannon1949.pdf, a work by Dr Jiejun Kong. total storage volume. Therefore, other than for small amounts of data, key management becomes onerous.
It should be emphasized that this cipher requires truly random data for its key. Thus, a deterministic process cannot be used, for it must not be possible to determine any other value from one or more observed values. A source of natural randomness, free of cyclical variation is required, as provided by sources obeying quantum physics. Some examples providing excellent sources of such randomness utilise timing of intervals between the emission of nuclear decay particles from a radioactive source, or those between the emission of photons from a light source, or counting the number of photons passing through and being reflected by a semi-reflective mirror.
A further drawback of this cipher is that, if it is employed to secretly communicate between two or more parties, the secure transport of a unique set of replenishment key data for each ciphertext becomes an additional problem.
A traditional replenishment method uses trusted couriers. However, this does not provide certainty that an adversary has not acquired the data.
A modern alternative replenishment method is Quantum Key Distribution [QKD]3, which utilizes the Heisenberg uncertainty principle of quantum physics to enable detection of any attempt by an adversary to read the data in the quantum channel (optical fibre or free space/air, etc). QKD can thus ensure the key is secret. However, the verification process requires numerous between- party communications, and discarding of portions of the key stream, reducing the net rate of ciphertext generation. In addition, there is an exponential increase in channel losses with increase in path-length. Thus, only a small fraction of the channel's capacity can be used for OTP-encrypted traffic, which fraction reduces rapidly with increase in path-length. For example, a 45km channel has been able to provide 1 Mb/s, sufficient for the transmission of video. 1 Mb/s is -0.01 % of a typical 10 Gb/s optical fibre channel. It is for this reason that block ciphers are used to achieve better utilization of expensive
3 Quantum key distribution: https://en.wikipedia.org/wiki/Quantum_key_distribution, a descriptive overview. channel capacity. Such ciphers only require short keys, but cannot provide perfect secrecy.
It follows that the OTP, although providing a secure method of encryption, is impractical in many instances.
OBJECT OF THE INVENTION
It is an object of the current invention to address and overcome some of the problems and drawbacks described above.
SUMMARY OF THE INVENTION
In accordance with a first aspect of the invention there is provided a method of encryption, comprising: a. providing a master random number array; b. selecting a plurality of predetermined unique indices to serve as offsets within the master random number array; c. recording as referencing data the details of each offset; d. using an offset in the master random number array that is unique to a plaintext data set to be encrypted; e. extracting first random number data from the offset within the master random number array, which random number data corresponds in length to a state-space of a Pseudo-Random Number Generator [PRNG], to provide a seed; f. using the seed to fill the state-space of the PRNG that generates uniform random numbers; g. extracting second random number data from the next index within the master random number array, which second random number data corresponds in length to that of the plaintext data set to be encrypted, to provide a master array copy; h. generating PRNG output and using the PRNG output to provide indices for a shuffle algorithm to re-order the master array copy to produce an encryption key as an array of random number data; and i. using the encryption key to encrypt the plaintext data set into a ciphertext.
The invention further provides for a method as defined, in which the steps d. to i. are repeated for each plaintext data set to be encrypted.
A further feature of the invention provides for a method as defined, in which decryption of the ciphertext comprises: a. using the referencing data to identify the master random number array and offset relevant to the encrypted plaintext data set; b. repeating the steps taken during encryption, substituting the ciphertext length for the plaintext length, to recreate the original encryption key; and c. using the encryption key to decrypt the ciphertext.
Further features of the invention provide for a method as defined, wherein the master random number array is used as a circular, continuous array starting from the offset unique to the plaintext data set to be encrypted; and in which the master random number array is a truly random number [TRN] array (produced by a truly random number generator [TRNG]).
A further feature of the invention provides for a method as defined, in which the PRNG has a repeat period greater than the length of the plaintext data set to be encrypted.
Further features of the invention provide for a method as defined, in which the shuffle algorithm is a Durstenfeld-Fisher- Yates shuffle [DFYS] algorithm; and in which the key array of random number data is used with a Vernam-Mauborgne (One-time Pad) [OTP] cipher to encrypt the plain text data set. A further feature of the invention provides for a method as defined, which is used to encrypt a newly-generated master random number array and referencing data and transmit the newly-generated master random number array and referencing data as ciphertext between parties each in possession of the existing master random number array and referencing data used to produce the ciphertext.
In accordance with a first aspect of the invention there is provided a method of generating multiple key arrays of random numbers, comprising: a. providing a master random number array; b. selecting a plurality of predetermined unique indices to serve as offsets within the master random number array; c. recording as referencing data the details of each offset; d. selecting an offset in the master random number array; e. extracting first random number data from the selected offset within the master random number array, which first random number data corresponds in length to a state-space of a Pseudo-Random Number Generator [PRNG], to provide a seed; f. using the seed to fill the state-space of a PRNG that generates uniform random numbers; g. extracting second random number data from the next index within the master random number array, which second random number data corresponds in length to the key array of random numbers required, to provide a master array copy; h. generating PRNG output and using the PRNG output to provide the indices for a shuffle algorithm to re-order the master array copy to produce a key as an array of random number data. The invention further provides for a method as defined, wherein the master random number array is used as a circular, continuous array starting from the offset.
A further feature of the invention provides for a method as defined, in which the master random number array is a truly random number [TRN] array (produced by a truly random number generator [TRNG]).
A further feature of the invention provides for a method as defined, in which the PRNG has a repeat period greater than a length of the key array of random numbers required.
DEFINITIONS
For the purposes of the "Description of the Invention" that follows in this patent specification, each term listed below in bold type shall be taken to include/mean the term/s listed in normal type following it.
Truly random number/s [TRN]: Members of a set of such numbers generated by a non-deterministic process, each within a given range of values, of which none can be predicted after observing one or more, or a series thereof, whether isolated or contiguous, and indicated to be random by suitable statistic tests.
Statistic tests: Given a large set of many random numbers (bytes), they should be unpredictable, substantially uncorrelated, uniformly distributed, and have few long repeat runs. The set should be tested for incompressibility, correlation, entropy, and distribution, at least.
Truly random number generator [TRNG]: A non deterministic means of generating a sequence of truly random numbers/bytes with substantially equal counts of all values in its output, when considering a large output array.
Array: A list, array, table, file, or the like, wherein reference can be made to each contained data item by an index. It can loosely include a string of characters, indexed by their positions in the string. Large (when applied to random number arrays): Of such size the criteria being considered are satisfied thereby.
Index/indices: Reference's in an array, enabling individual data items to be inserted, accessed, replaced, modified, and/or removed.
Offset: A selected starting index in an array.
Circular array: An array of n elements, having indices (j) from (0 to n-1 ), addressed by external indices (k) with the same limits, starting from a selected starting point index (the offset), and traversed in the direction of increasing indices up to its end, whereupon the traverse loops to the array's beginning and continues up to the index before the offset. A circular array is typically produced by using a linked list or a simple array, i.e., an array comprising one value for each index.
For a simple array, the following illustrative algorithm indicates one addressing method: let max = n - offset; if (k < max) { j = k + offset } else { j = k - max }
Note: this algorithm excludes multiple traversals that will be required if the external indices exceed n-1 .
Seed: Initializing data supplied to initialize a pseudorandom number generator so as to enable it to begin generating random numbers of the required quality.
Pseudorandom number generator [PRNG]: A deterministic or algorithmic means of generating random numbers, over a given range, having a uniform distribution of values, as determined by the best or suitable current randomness tests, and such that different initializing seeds result in different series of random numbers being generated.
Preferred pseudorandom number generator [PPRNG]: A fast pseudorandom number generator producing uniformly distributed numbers, as well as having a very long repeat period, greater than that of the data set for which it is required e.g. the dSFMT 2,2 2012 Mersenne-Twister4, or better. This has repeat periods of 2521-1 to 2216091-1 values (219937-1 is common). For very fast generation, a Graphic Process Unit [GPU] or Field Programmable Gate Arrays [FPGA] implementation is appropriate.
Plaintext: An array or string of data, words, figures, bits or bytes, which forms the subject matter of an operation, e.g., data (image, text, program file, etc) storage, message transfer, random sampling, etc., optionally containing hash values used for verification and authentication.
Durstenfeld-Fisher-Yates shuffle5 [DFYS] algorithm: An algorithm which, provided the random numbers used to index it are uniformly distributed and unbiased, ensures that the resulting permutation is random and unbiased. One version to shuffle an array in place is illustrated below: let sArr be an array of n elements (indices 0..n-1 ); for i from n - 1 down to 1 do { j = random integer with 0≤ j≤ i; exchange sArr[ j ] and sArr[ i ] }
Note: the above shows a shuffle-in-place version. Alternative versions may be employed.
In this document, whenever this particular shuffle is mentioned, an alternative shuffle may be employed, as long as it is capable of ensuring that the resultant permutation is random and unbiased.
Key or key text: An array of truly random numbers/bytes used to encrypt a plaintext/decrypt a ciphertext.
Ciphertext: An array or string produced by a cipher algorithm that encodes a plaintext using a key, rendering the plaintext in an unreadable form without the proper cipher and key to decrypt it.
4 Mersenne-Twister: invented by Makoto Matsumoto & Takuji Nishimura - refer http://www.math.sci.hiroshima-u.acJp/~m-mat7MT/emt.htrnl
5 Durstenfeld-Fisher-Yates algorithm: origins can be seen in "Statistical tables for biological, agricultural and medical research" (3rd ed.), Fisher, R. A., Yates, F., Oliver & Boyd, London, 1938, pp. 26-27 and "Algorithm 235: Random permutation", Durstenfeld, Richard, Communications of the ACM 7 (7): 420, 1964). Wikipedia ref: https://en.wikipedia.org/wiki/Fisher%E2%80%93Yates shuffle XOR: Bitwise Exclusive OR produces a value of True if one but not both of its operands is True, i.e., returns True if either the value to the left or the value to the right of the operator is True, but not both. If both values are False or both values are True, the result of the operation is False.
QKD (Quantum Key Distribution): Method of cryptographic key distribution that utilizes the Heisenberg uncertainty principle of quantum physics to enable detection of any attempt by an adversary to read the data in the quantum channel (optical fibre or free space/air, etc).
GENERAL DESCRIPTION OF THE INVENTION
Under this heading, an overview of the method of the invention, described in simplified form, is provided.
It is convenient for a human to view a set of truly random binary data in 8-bit byte chunks that comprise the extended ASCII code (American Standard Code for Information Interchange), e.g., alphabet characters, numerals and special characters. However large a set of TRN may be, it contains a maximum of 256 different byte-values. In a large set, the TRN are by definition substantially uniformly random, and therefore the set contains substantially equal counts of each byte-value. Similarly, the order in which the individual bytes are generated is truly random. In the course of time, the generator delivers an array of TRN.
If the array indices are reordered in a uniformly random manner by a PPRNG and DFYS, a new set of TRN is obtained. If this shuffling process is carried out in private, it is impossible for an observer of the TRN array to determine whether the array was generated by the TRN generator, or by the shuffle. Neither can the observer determine the PPRNG output.
Now, any large set of TRN, although possessing good statistics, will not have exactly equal numbers of each byte-value, by the very nature of randomness. However, if large subsets are randomly taken from this large set of TRN, differing statistics of the shuffled subsets are obtained, because the byte-counts will differ between subsets. However, all subsets will have acceptable variations and be TRN. If each subset's PPRNG seed is extracted from a unique offset, the shuffled subset will be unique.
The quality of the shuffled TRN set is dependent on that of the original set, the quality of the indexing PPRNG, the shuffle algorithm used, and the PPRNG seed. To ensure good quality PPRNG outputs, the seeds should comprise TRN subsets and be unique to each shuffling operation.
The fact that one set of TRN generated by the TRNG can provide many OTP keys enables the periodic transmission of a newly-generated TRN set by encrypting the latter with the previous key. This solves the OTP key distribution problem. It also diminishes the necessity of QKD, as will be evident from the "Application of the method together with Quantum Key Distribution" that follows below.
The key storage requirement, if keys need to be stored, is reduced from one whole key per encryption, to a single TRN array and a small amount of key shuffling data that will enable recreation of a particular key. This solves the OTP key storage problem.
A high rate of OTP encryption is enabled, because the required rate of new TRN generation is reduced to a small fraction of the encryption rate (see the "comment" under Example 1 below, for example).
BRIEF DESCRIPTION OF THE DRAWING
The features of the invention will now be described, by way of example only, with reference to specific embodiments, in which reference is made to the accompanying drawing
Figure 1 which shows a schematic layout of the method of the invention as it is used to achieve secrecy of data during storage and/or transmission.
DETAILED DESCRIPTION OF THE INVENTION An array, hereinafter termed the Master array, of non-deterministically generated truly random numbers is considered as a circular array, starting from an offset unique to each data set to be encrypted, and a unique set of truly random numbers sufficient to fill the state-space of a preferred pseudo-random generator extracted.
A copy array of the following truly random numbers, of length equal to the data set in question, is then extracted. This copy is shuffled in an unbiased manner, indexed by the uniformly-distributed numbers generated by the preferred pseudo-random generator. This array is used as a Vernam-Mauborgne encryption key.
Encryption key management is greatly simplified, as many encryptions can be executed using the original Master array of truly random numbers Thus, each stored truly random number array generated by an often relatively slow-paced quantum process, can provide unique encryption keys for each of many sets of data, eliminating the key storage problem normally associated with the Vernam- Mauborgne cipher.
An ID file or array containing the unique offsets associated with each plain/ciphertext is maintained. This enables the correct unique encryption/decryption key to be generated. Each entry is securely deleted when no longer required.
If the Master array file and its relevant ID file or array are safely stored and kept secret until no longer required, the requirements of the Vernam-Mauborgne cipher will be met.
One typical application using the above simple method would be data archiving, where a single user encrypts and decrypts the data. The ID file record concerning a particular plaintext/ciphertext is securely deleted when decryption is no longer required.
If the method is employed to pass data between two or more users, then it may be modified to include Master array file shuffling between each encryption/decryption, dedicated Master/ID file ranges per user, and erasing of the particular offsets.
This enables any user to decrypt a message received from any other user, and prevents an attacker who gains possession of a user's system from generating any previously- used key.
If more than one party is employing the cipher to secretly communicate, a new set of truly random number data can be sent encrypted under a key from the existing Master array, as a message or group of messages, i.e., without secret physical transfer or quantum key distribution. From this set of truly random number data, new Master and associated ID array/s can be generated. This overcomes the seed resupply problem normally experienced with the Vernam- Mauborgne cipher, and enables almost full channel capacity to be used for transmission of perfectly secret data.
These advantages of the method eliminate the principle objections to the use of the Vernam-Mauborgne cipher.
Examples of application:
The examples provided below are illustrative of method applications and are intended to show good-practice approaches.
Firstly, an example of the application of the method when employed by one party to achieve perfect secrecy of data during transmission and local or remote storage, via the internet or dedicated means, is described. See Example 1 , below.
Secondly, an example of the application of the method when employed by two or more parties to achieve perfect secrecy of data exchange is described, including steps that nullify attacks on previously-generated ciphertexts by an attacker who has gained possession of the system. See Example 2, below. Thirdly, the application of the method used in conjunction with QKD is described. See the description of "Application of the method together with Quantum Key Distribution" below.
Lastly, a note is made regarding the use of a portion of the method for non- encryption applications, such as statistical analysis, random sampling, etc. See the description of "Non-encryption applications of certain steps of the method" below.
The reference numbers in bold type, e.g. 100, refer to numbers in the accompanying Figure 1 , and/or serve to identify elements being described in the text.
Example 1 : Achieving secrecy of data during transmission and/or storage
The method comprises the following steps:
Master array: From a truly random number generator, the TRNG 10, obtain a large Master array 20 of truly random bytes, verified by statistical tests.
(The length should be chosen while bearing in mind the size of plaintexts likely to be encountered, and the minimum statistical test-size required. It could typically have a length of 10 MB to 10 GB with one byte in the range [0..255] at each index in the Master array. For the purpose of this document, as an example, a Master array length of 20 MB is chosen, which is considered to be larger than 90% of the files normally processed by an average user.)
ID array: Create an ID array 30 with column labels Input Name 32, Offset 33, Output Name 34.
Fill the Offset 33 column with unique random indices into the Master array 20, substantially evenly spaced throughout its length. (Considering the 20 MB Master array example, the number of files to be encrypted using this Master array could be, say, 200 000. The offsets could then be at approximately 100 byte intervals, within say 10 %.)
The offsets should be shuffled before being inserted in the ID array.
Fill the Output Name 34 column with archive file identifiers such that the Master and ID array identities are registered, but otherwise random, e.g., "05605*~8f!" meaning the Master number 56 is being used together with the ID array number 5, with a unique random number.
Insert the unique name of each Plaintext being encrypted into the Input Name 32 column.
(The Master array 20 might be used to supply data to encrypt 200 000 Plaintexts, for example. There might be 100 ID arrays of 2000 rows used in conjunction with that Master array, to facilitate sorting/searching.)
Usage: For each Plaintext to be handled, enter the name into the first available empty field in the Input Name 33 column of the ID Array 30. This name might comprise the Plaintext's file name, with its last-modified date-time data and should end with the first five digits of the Output Name 34 appended. Consider this row in the ID array 30 as the "active row".
Using a cryptographic hash algorithm6, e.g., MD5, create a hash of the resultant Plaintext, and append it to the Plaintext to create the Plaintext- with-Hash 160.
Determine the Length 190 of the Plaintext-with-Hash 160.
Seed: Create Seed 80 by sequentially extracting truly random numbers from the Master array 20, considering it as a circular array starting from the Offset 60 determined by the ID array's offset in column 33.
6 Cryptographic Hash algorithm: a general overview is provided here: http://en.wikipedia.or /wiki/Crvptoqraphic hash function. The fact that the cryptographic hash is encrypted with the plaintext renders it secret. Thus, an adversary cannot attack it. Therefore, even if the hash is considered to be vulnerable when visible in the clear, e.g., the MD5 hash, it is adequate for the required duty. The number of truly random numbers that will form the Seed 80 depends upon the chosen pseudo-random generator (PRNG). If the PPRNG 90 (a Mersenne-Twister, in this case) is selected, as indicated in example of Figure 1 , the state-space requires 624 x 32-bit integers to fill it, or 2496 Bytes.
The Offset 70 is that index immediately after the index used to extract the final truly random number extracted for the Seed 80 from the Master array 20. Offset 70 now serves as the zero index of the Master array 20, configured as a circular array.
Master Array Copy: Starting at the Offset 70, create Master array copy 130 of the Masterarray 20 equal to the Plaintext-with-Hash 160 of Length 190, by reading sequential bytes from Master array 20, considered as a circular array, until the required array length is reached.
If the Length 190 exceeds, say, three times the Master array 20 length, then split the Plaintext into two or more portions and treat them as separate Plaintexts with appropriately annotated Input Names 32 so that, on decryption, they can be correctly concatenated into the original Plaintext. The steps from 'Usage', above, must be carried out for each portion.
Note: if many Plaintexts of such length are to be handled, clearly the size of the Master array 20 was incorrectly chosen, and should be increased.
Encryption Key: With the Durstenfeld-Fisher- Yates shuffle algorithm 140, indexed by the random numbers issued by the PPRNG 90, shuffle the Master array copy 130 (preferably in-place) to create the Encryption key 150.
Encryption: XOR 170 each byte of the Plaintext-with-Hash 160 with the corresponding byte of the Encryption key 150 to create the Ciphertext 180. If volatile memory was not used for the Master array copy 130 and if the Encryption key 150 was not created by shuffling the Master array copy 130 in place, then securely delete it/them.
Storage: Store the Ciphertext 180 using its Output Name 34 as the file name, either locally or at one or more remote location/s.
Note: Several copies, each stored at different locations, increase data security in that retrieval of error-free data is more assured.
Retrieval: When it is desired to retrieve the Plaintext, identify the correct Master and ID files from the stored file name.
Using the identified ID file, locate the relevant Input Name 32 in the ID array 30 and thereby retrieve the Plaintext's stored Output Name 34. Retrieve the Ciphertext 180 file from storage, using that name.
Repeat the steps taken during encryption, substituting the Ciphertext 180 length for the Plaintext-with-Hash 160, thus recreating the original Encryption key 150.
Decryption: XOR 170 each byte of the Ciphertext 180 with the corresponding byte of the Encryption key 150 to retrieve the Plaintext- with-Hash 160.
Verify Integrity & Authenticity: Remove the hash from the Plaintext- with-Hash 160, compute the hash of the remaining Plaintext using the original hash algorithm, and compare with the decrypted hash. If the hashes differ, the ciphertext contains errors or has been corrupted, and retrieval from another storage location should be tried.
Comment:
If one takes 5 MB to be the average Plaintext-with-Hash size and uses the example Master array size of 20MB, and total ID arrays' length of 200 000 rows of typically -128 Bytes each, or -25.6 MB, it can be seen that the ratio of Plaintext-with-Hash to key and reference data would be: -(200000 x 5)/(20+25.6), or -21930:1 (1TB :45.6 MB).
Each Plaintext is encrypted with a unique truly random key.
It is not possible: to decrypt the stored Plaintext without possession of the Master array 20 and the ID array 30.
A passive attacker viewing the Ciphertext cannot learn anything more about the Plaintext than he knew prior to viewing the Ciphertext.
Although an attacker possessing a ciphertext-plaintext pair will, as with any cipher, be able to determine the applicable key, that key is not reused. Thus the knowledge is useless as far as other decryptions are concerned,
Knowledge of a Plaintext's encryption key wii! not enable an attacker to deduce the Master array.
Note; although occasional plaintexts of length greater than the Master array can be handled, it is suggested that such length should not exceed 300% of the Master array. This is because the deviation from perfect distribution, inherent in any Truly Random Number sequence, may be - exaggerated by the repetition, I.e., the effects of skew that always exists can increase, resulting in inferior sequences (mostly as regards correlation). It is best to use a Master array of length greater than any plaintext to be encrypted.
Example 2: Method of achieving secrecy of data message transmission between two or more parties
The method in Example 1 , above, can be adapted to provide perfect secrecy of data message transmission between two, or more, parties, by providing duplicate Master and ID files to each party, and allocating unique ranges of ID data to each. This system is simple and fast. It provides perfect secrecy provided each party preserves the secrecy of the Master and ID arrays.
However, an attacker who gains possession of a set of Master/ID data could then use it to decrypt an intercepted data message, by brute-force search of the Master for the relevant offset.
Therefore, a highly secure version is described, which denies an attacker access to used keys even after gaining possession of Master and ID array data.
When multiple parties are involved, the communication topology is likely to have a mesh structure, i.e., any party can communicate with any other party. The method comprises the following steps.
Master array/s: As per Example 1 Master Array. As many unique Masters as there are parties are required. Each party has all Masters and their associated ID arrays m his possession. Each party has a unique Master allocated for him to encrypt data. He uses the sender's Master to decrypt that sender's data.
ID array: As per Example 1 ID Array, except that no Input Name 32 is used, there being only the two columns 33 and 34. Each Master has its own ID array.
Initially, the party generating the Truly Random Numbers and creating the Masters and ID arrays transfers copies of the Master and ID arrays to all parties in a secure physical manner, maintaining data secrecy.
Note: Each party uses his allocated Master and its ID array to encrypt all data messages he sends, and the sender's allocated Master and its ID array to decrypt a received data message.
X. Sender's Usage: As per Example 1 Usage, except that the Input Name, with a unique termination character, is prefixed to the Plaintext, and then the Cryptographic hash, e.g., MD5, of that lengthened Plaintext, is created and appended to the Plaintext, to create the Plaintext-with- Hash 160. i. Plaintext-with-Hash length: As per Example 1 Plaintext-with- Hash length. ii. Seed: As per Example 1 Seed. iii. Master array copy: As per Example 1 Master array copy. iv. Encryption key: As per Example 1 Encryption key. v. Encryption: As per Example 1 Encryption. vi. Append the Output Name 34 from the ID array 30 to the ciphertext. vii. Transmission: Send the Ciphertext 180 to B under any arbitrary name, via the internet or any other suitable means, in the usual manner. viii. Shuffle the Master array: reseed the chosen preferred pseudorandom generator [PPRNG] 90 with the previously-used seed and shuffle the Master 20 array.
Y. Receivers Usage: On receiving a Ciphertext 180: i. First remove the Output Name 34 from the ciphertext and use it to search the sender's ID array 30 for a match. ii. Shuffle: If the preceding row is not empty, successively check previous rows, until an empty row is found. Then, using the first full row, successively shuffle the sender's Master, using the Offset 33 in each row of the ID array 30, and securely deleting each processed row, until the required Output Name 34 is reached. This ensures that the Master is the same as that used to make the ciphertext, although intervening ciphertexts were not received by this particular receiver. iii. Repeat the steps from 'Plaintext-with-Hash length' X.i to 'Encryption key' X.iv, above, substituting the 'ciphertext' for 'plaintext', thus recreating the original encryption key. iv. XOR 170 each byte of the Ciphertext 180 with the corresponding byte of the Encryption key 150 to retrieve the Plaintext-with-Hash 160, including its prefixed Input Name 32, and, if applicable, its prefixed annotation regarding its Plaintext portion. v. Remove the hash from the Plaintext-with-Hash 160, compute the hash of the remaining Plaintext, using the original hash algorithm, and compare with the decrypted hash. If the hashes differ, the ciphertext contains errors or has been corrupted or attacked, and the sender should be notified. vi. Remove the Input Name that was prefixed 10 the Plaintext, which has now been decrypted. This is the original Plaintext filename. Securely delete the used row in the ID array 30. vii. Shuffle the sender's Master array 30, as per X.vi. That Master array is now identical to that of the sender after he encrypted the data message.
Periodically, a data message should be sent to all parties, by each party, so that all parties' Masters are updated to the same state.
Comment:
As per Example 1 above.
The shuffling of the Master array, after key generation, prevents an attacker from determining any previously used keys, should he gain possession of the Master and ID array files. The periodical sending of a data message from each party to all other parties and the resultant up to date state of the Masters ensures that no previous message, between any parties, can be decrypted by an attacker in possession of one or more party's/parties' Masters and ID arrays. Replacement truly random number data sets may be securely transferred by sending them as messages secured with the existing Master/s and ID array/s. From these data sets, new sets of Master/s and ID arrays can be generated by each party.
This overcomes one of the principle difficulties associated with the use of the Vernam-Mauborgne cipher when used for message interchange, i.e., that of key resupply.
Application of the method together with Quantum Key Distribution:
If, despite the considerable cost of QKD equipment and the distance limitations imposed by channel losses on effective QKD, it is not considered feasible to physically deliver an initial TRN array to both parties who are communicating via optical fibre, space, or air paths, then QKD can be used to deliver this data from the party having the TRNG or PTRNG to the other. This would be a one-time requirement, on initial channel setup.
As QKD will only be required to transfer one initial set of TRN data, it is feasible to use QKD over a long path-length. Published figures for QKD over a 250km optical fibre channel indicate ~2b/s, or ~7kB/h, is possible. For that path-length, the time taken to transfer the required initial data might run to a day or more.
A large TRN array can be generated by concatenating, say, 100kB sets, and then shuffling. The resultant key can then be used to transfer a TRNG key and then discarded. Thereafter, QKD is not required further, and high channel data-rate is enabled. Normal periodic TRN key replenishment is then effected as described in Example 2.
Note that the initial shuffled key is guaranteed secret, is only used once and encrypts a TRNG set. The resultant ciphertext cannot be analysed.
Non-encryption applications of certain steps of the method: For certain applications, e.g., statistical analysis, random sampling, etc., large amounts of truly random data are preferred. The method described above in Example 2 for transmission between two or more parties can be applied, with omission of the encryption/decryption steps. The ID array 30 will omit the Output Name 34 column. The Encryption key 150 forms the required data set. The recipients can duplicate any set of data by using the Input Name 32 and retrieving the Offset 33.
The invention accordingly provides a method of achieving Shannon's perfect secrecy of data transmission and storage. The method incorporates authenticity and integrity verification. It eliminates the main problems, i.e., the key length resulting in twice the data storage requirement, and key replenishment requiring secure physical transfer.
As the information-theoretically secure encryption is immune to attack, the current concerns regarding insecurity of file storage, on or off-site, in the cloud, etc., fall away. This should result in a significant marketing advantage.
In addition to data storage, the method provides perfect secrecy of data during communication between two or more parties, e.g., using a mesh topology. Replenishment of key material is effected without the necessity of secure physical delivery.
A person skilled in the art will appreciate that a number of variations may be made to the features of the embodiments described without departing from the scope of the present invention.

Claims

CLAIMS:
1 A method of encryption, comprising: a. providing a master random number array; b. selecting a plurality of predetermined unique indices to serve as offsets within the master random number array; c. recording as referencing data the details of each offset; d. using an offset in the master random number array that is unique to a plaintext data set to be encrypted; e. extracting first random number data from the offset within the master random number array, which random number data corresponds in length to a state-space of a Pseudo-Random Number Generator [PRNG], to provide a seed; f. using the seed to fill the state-space of the PRNG that generates uniform random numbers; g. extracting second random number data from the next index within the master random number array, which second random number data corresponds in length to that of the plaintext data set to be encrypted, to provide a master array copy; h. generating PRNG output and using the PRNG output to provide indices for a shuffle algorithm to re-order the master array copy to produce an encryption key as an array of random number data; and i. using the encryption key to encrypt the plaintext data set into a ciphertext.
2. A method as claimed in claim 1 , in which the steps d. to i. are repeated for each plaintext data set to be encrypted.
3. A method as claimed in claim 1 or claim 2, in which decryption of the ciphertext comprises: a. using the referencing data to identify the master random number array and offset relevant to the encrypted plaintext data set; b. repeating the steps taken during encryption, substituting the ciphertext length for the plaintext length, to recreate the original encryption key; and c. using the encryption key to decrypt the ciphertext.
4. A method as claimed in any one of claims 1 to 3, wherein the master random number array is used as a circular, continuous array starting from the offset unique to the plaintext data set to be encrypted.
5. A method as claimed in any one of claims 1 to 4, in which the master random number array is a truly random number [TRN] array.
6. A method as claimed in any one of claims 1 to 5, in which the PRNG has a repeat period greater than the length of the plaintext data set to be encrypted.
7. A method as claimed in any one of claims 1 to 6, in which the shuffle algorithm is a Durstenfeld-Fisher- Yates shuffle [DFYS] algorithm.
8. A method as claimed in any one of claims 1 to 7, in which the key array of random number data is used with a Vernam-Mauborgne (One-time Pad) [OTP] cipher to encrypt the plain text data set.
9. A method as claimed in any one of claims 1 to 8, which is used to encrypt a newly-generated master random number array and referencing data and transmit the newly-generated master random number array and referencing data as ciphertext between parties each in possession of the existing master random number array and referencing data used to produce the ciphertext.
10. A method of generating multiple key arrays of random numbers, comprising: a. providing a master random number array; b. selecting a plurality of predetermined unique indices to serve as offsets within the master random number array; c. recording as referencing data the details of each offset; d. selecting an offset in the master random number array; e. extracting first random number data from the selected offset within the master random number array, which first random number data corresponds in length to a state-space of a Pseudo-Random Number Generator [PRNG], to provide a seed; f. using the seed to fill the state-space of a PRNG that generates uniform random numbers; g. extracting second random number data from the next index within the master random number array, which second random number data corresponds in length to the key array of random numbers required, to provide a master array copy; and h. generating PRNG output and using the PRNG output to provide the indices for a shuffle algorithm to re-order the master array copy to produce a key as an array of random number data.
1 1 . A method as claimed in claim 10, wherein the master random number array is used as a circular, continuous array starting from the offset.
12. A method as claimed in claim 10 or claim 1 1 , in which the master random number array is a truly random number [TRN] array.
13. A method as claimed in any one of claims 10 to 12, in which the PRNG has a repeat period greater than a length of the key array of random numbers required.
PCT/IB2014/065409 2013-10-17 2014-10-17 A method of generating key arrays of random numbers and encryption WO2015056236A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ZA201302934 2013-10-17
ZA2013/02934 2013-10-17

Publications (1)

Publication Number Publication Date
WO2015056236A1 true WO2015056236A1 (en) 2015-04-23

Family

ID=52827744

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2014/065409 WO2015056236A1 (en) 2013-10-17 2014-10-17 A method of generating key arrays of random numbers and encryption

Country Status (1)

Country Link
WO (1) WO2015056236A1 (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016177332A1 (en) * 2015-05-05 2016-11-10 科大国盾量子技术股份有限公司 Cloud storage method and system
US10031795B1 (en) * 2017-12-22 2018-07-24 ISARA Corporation Using conversion schemes in public key cryptosystems
US10061636B1 (en) * 2017-12-22 2018-08-28 ISARA Corporation Conversion schemes for public key cryptosystems
WO2019088689A1 (en) * 2017-10-31 2019-05-09 주식회사 로보티어 Puf-qrng quantum cryptographic security terminal system and cryptographic key generation method
US10404458B1 (en) 2017-11-17 2019-09-03 ISARA Corporation Multi-round key encapsulation process
CN110519222A (en) * 2019-07-12 2019-11-29 如般量子科技有限公司 Outer net access identity authentication method and system based on disposable asymmetric key pair and key card
DE102018116572A1 (en) * 2018-07-09 2020-01-09 Infineon Technologies Ag PROTECTION AGAINST SIDE CHANNEL ATTACKS
CN110798311A (en) * 2019-10-15 2020-02-14 中国电子科技集团公司第三十研究所 IP encryption method for realizing one-time pad based on quantum true random number matrix
CN112187447A (en) * 2020-10-22 2021-01-05 南方电网科学研究院有限责任公司 Encryption and decryption algorithm key generation method and device
CN112835554A (en) * 2020-12-31 2021-05-25 中国科学院信息工程研究所 Random number generation, regeneration and tracking method based on non-uniform random source in group and electronic device
CN113645367A (en) * 2021-07-14 2021-11-12 河南大学 Batch image combined encryption method and device
US11237800B2 (en) 2019-11-12 2022-02-01 International Business Machines Corporation Time-shifted seed for random number generator
CN114785527A (en) * 2022-06-17 2022-07-22 深圳市深圳通有限公司 Data transmission method, device, equipment and storage medium
CN115499124A (en) * 2022-11-17 2022-12-20 达芬骑动力科技(北京)有限公司 Data transmission method and system and electric automobile
CN115955306A (en) * 2022-12-30 2023-04-11 北京海泰方圆科技股份有限公司 Data encryption transmission method and device, electronic equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020159588A1 (en) * 2001-04-27 2002-10-31 Kauffman Jason R. Cryptography with unconditional security for the internet, commercial intranets, and data storage
US20030142821A1 (en) * 2002-01-02 2003-07-31 Ross David Marshall Cryptographic one time pad technique
US20060177065A1 (en) * 2005-02-09 2006-08-10 Wal-Mart Stores, Inc. System and methods for encrypting data utilizing one-time pad key
US20120134495A1 (en) * 2010-11-29 2012-05-31 Beijing Z & W Technology Consulting Co., Ltd. Cloud Storage Data Access Method, Apparatus and System Based on OTP
WO2012071722A1 (en) * 2010-11-29 2012-06-07 北京卓微天成科技咨询有限公司 Storage method, device and system for cloud storage data based on one-time pad (otp)

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020159588A1 (en) * 2001-04-27 2002-10-31 Kauffman Jason R. Cryptography with unconditional security for the internet, commercial intranets, and data storage
US20030142821A1 (en) * 2002-01-02 2003-07-31 Ross David Marshall Cryptographic one time pad technique
US20060177065A1 (en) * 2005-02-09 2006-08-10 Wal-Mart Stores, Inc. System and methods for encrypting data utilizing one-time pad key
US20120134495A1 (en) * 2010-11-29 2012-05-31 Beijing Z & W Technology Consulting Co., Ltd. Cloud Storage Data Access Method, Apparatus and System Based on OTP
WO2012071722A1 (en) * 2010-11-29 2012-06-07 北京卓微天成科技咨询有限公司 Storage method, device and system for cloud storage data based on one-time pad (otp)

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10581599B2 (en) 2015-05-05 2020-03-03 Quantumctek Co., Ltd Cloud storage method and system
WO2016177332A1 (en) * 2015-05-05 2016-11-10 科大国盾量子技术股份有限公司 Cloud storage method and system
WO2019088689A1 (en) * 2017-10-31 2019-05-09 주식회사 로보티어 Puf-qrng quantum cryptographic security terminal system and cryptographic key generation method
US10404458B1 (en) 2017-11-17 2019-09-03 ISARA Corporation Multi-round key encapsulation process
US10454681B1 (en) 2017-11-17 2019-10-22 ISARA Corporation Multi-use key encapsulation processes
US10031795B1 (en) * 2017-12-22 2018-07-24 ISARA Corporation Using conversion schemes in public key cryptosystems
US10061636B1 (en) * 2017-12-22 2018-08-28 ISARA Corporation Conversion schemes for public key cryptosystems
DE102018116572A1 (en) * 2018-07-09 2020-01-09 Infineon Technologies Ag PROTECTION AGAINST SIDE CHANNEL ATTACKS
US11476872B2 (en) 2018-07-09 2022-10-18 Infineon Technologies Ag Protection against side-channel attacks
CN110519222A (en) * 2019-07-12 2019-11-29 如般量子科技有限公司 Outer net access identity authentication method and system based on disposable asymmetric key pair and key card
CN110519222B (en) * 2019-07-12 2021-10-22 如般量子科技有限公司 External network access identity authentication method and system based on disposable asymmetric key pair and key fob
CN110798311A (en) * 2019-10-15 2020-02-14 中国电子科技集团公司第三十研究所 IP encryption method for realizing one-time pad based on quantum true random number matrix
CN110798311B (en) * 2019-10-15 2021-12-17 中国电子科技集团公司第三十研究所 IP encryption method for realizing one-time pad based on quantum true random number matrix
US11237800B2 (en) 2019-11-12 2022-02-01 International Business Machines Corporation Time-shifted seed for random number generator
CN112187447A (en) * 2020-10-22 2021-01-05 南方电网科学研究院有限责任公司 Encryption and decryption algorithm key generation method and device
CN112835554A (en) * 2020-12-31 2021-05-25 中国科学院信息工程研究所 Random number generation, regeneration and tracking method based on non-uniform random source in group and electronic device
CN112835554B (en) * 2020-12-31 2023-11-07 中国科学院信息工程研究所 Random number generation, regeneration and tracking method based on non-uniform random source in group and electronic device
CN113645367B (en) * 2021-07-14 2022-04-29 河南大学 Batch image combined encryption method and device
CN113645367A (en) * 2021-07-14 2021-11-12 河南大学 Batch image combined encryption method and device
CN114785527A (en) * 2022-06-17 2022-07-22 深圳市深圳通有限公司 Data transmission method, device, equipment and storage medium
CN115499124A (en) * 2022-11-17 2022-12-20 达芬骑动力科技(北京)有限公司 Data transmission method and system and electric automobile
WO2024104218A1 (en) * 2022-11-17 2024-05-23 达芬骑动力科技(北京)有限公司 Data transmission method and system, and electric vehicle
CN115955306A (en) * 2022-12-30 2023-04-11 北京海泰方圆科技股份有限公司 Data encryption transmission method and device, electronic equipment and storage medium
CN115955306B (en) * 2022-12-30 2023-11-14 北京海泰方圆科技股份有限公司 Data encryption transmission method and device, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
WO2015056236A1 (en) A method of generating key arrays of random numbers and encryption
US8401186B2 (en) Cloud storage data access method, apparatus and system based on OTP
CN104704768B (en) System for generating cryptographic key from the memory as the unclonable function of physics
US11381394B2 (en) High speed encryption key generating engine
WO2012071722A1 (en) Storage method, device and system for cloud storage data based on one-time pad (otp)
US11233662B2 (en) Keyless encrypting schemes using physical unclonable function devices
US20140112469A1 (en) Novel encryption processes based upon irrational numbers and devices to accomplish the same
US11997200B2 (en) Generating unique cryptographic keys from a pool of random elements
US20220382520A1 (en) System and method for sending and/or receiving entropy and entropy expansion
CN116527233B (en) Energy monitoring data management system based on cloud computing
US11075889B2 (en) Method and system for encrypting/decrypting data with ultra-low latency for secure data storage and/or communication
JP2004213650A (en) Data fragmentation method, data fragmentation device and computer program
CN107078900B (en) Cryptographic system based on reproducible random sequences
US11095442B1 (en) Generating unique cryptographic keys from a pool of random elements
CN104794243B (en) Third party&#39;s cipher text retrieval method based on filename
Dixit et al. Image encryption using permutation and rotational XOR technique
JP2009122731A (en) System for safely transmitting and/or managing file
Vershinin et al. Associative steganography of text messages
KR101232385B1 (en) Searchable Symmetric Encryption Method and System
Dhane et al. A novel high capacity reversible data hiding through encryption scheme by permuting encryption key and entropy analysis
CN113515769B (en) Big data rediscovery method and device based on hidden data
KR101076747B1 (en) Method and apparatus for random accessible encryption and decryption by using a hierarchical tree structure of stream cipher module
RU2254685C2 (en) Method of data conversion
KR20100087437A (en) Method, apparatus and computer-readable recording medium for operating compression and encryption of data
WO2020008363A1 (en) Method for encoding, transmitting and/or storing and decoding digital information in an unbreakable manner

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14853357

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14853357

Country of ref document: EP

Kind code of ref document: A1